securedirectoryserviceimpl.java

来自「GridSphere 门户 提供一个基于 portlet 的高级开放源代码门户。」· Java 代码 · 共 480 行 · 第 1/2 页

/**
 * @author <a href="mailto:tkucz@icis.pcz.pl">Tomasz Kuczynski</a>
 * @version 0.7 2004/10/06
 */
package org.gridsphere.services.core.secdir.impl;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.oro.text.perl.Perl5Util;
import org.gridsphere.portlet.service.spi.PortletServiceConfig;
import org.gridsphere.portlet.service.spi.PortletServiceProvider;
import org.gridsphere.services.core.secdir.FileInfo;
import org.gridsphere.services.core.secdir.FileLocationID;
import org.gridsphere.services.core.secdir.SecureDirectoryService;

import java.io.*;
import java.net.URLEncoder;
import java.util.StringTokenizer;

public class SecureDirectoryServiceImpl implements SecureDirectoryService, PortletServiceProvider {
    private Perl5Util util = new Perl5Util();
    private static boolean inited = false;
    private final static int BUFFER_SIZE = 8 * 1024; //8 kB
    private static String secureDirPath;
    private static final String SECURE_SERVLET_MAPPING = "secure";
    protected Log log = LogFactory.getLog(SecureDirectoryServiceImpl.class);

    public void init(PortletServiceConfig config) {
        if (!inited) {
            secureDirPath = config.getServletContext().getRealPath("/WEB-INF/" + SECURE_SERVLET_MAPPING);
            File f = new File(secureDirPath);
            if (!f.exists()) {
                log.debug("Creating secure directory for users: " + secureDirPath);
                if (!f.mkdirs())
                    log.error("Unable to create directory" + secureDirPath);
            }
            inited = true;
        }
    }

    public void destroy() {
    }

    public String getFileUrl(FileLocationID fileLocationID) {
        return getDownloadFileUrl(fileLocationID, null, null);
    }

    public String getDownloadFileUrl(FileLocationID fileLocationID, String saveAs, String contentType) {
        String userID = fileLocationID.getUserID();
        String appName = fileLocationID.getCategory();
        String resource = fileLocationID.getFilePath();
        boolean shared = fileLocationID.isShared();
        if (userID == null || appName == null || resource == null || !inited)
            return null;
        String userDirectoryPath;
        resource = util.substitute("s!\\\\!/!g", resource);
        resource = util.substitute("s!^/!!", resource);
        if ((userDirectoryPath = getUserDirectoryPath(userID)) != null) {
            String filePath = userDirectoryPath + File.separator + appName + File.separator + resource;
            File file = new File(filePath);
            if (!file.exists() || file.isDirectory())
                return null;
            String queryString = "";
            if (saveAs != null && !saveAs.equals("")) {
                try {
                    queryString += "saveAs=" + URLEncoder.encode(saveAs, "UTF-8");
                } catch (Exception e) {
                }
            }
            if (contentType != null && !contentType.equals("")) {
                if (!queryString.equals(""))
                    queryString += "&";
                try {
                    queryString += "contentType=" + URLEncoder.encode(contentType, "UTF-8");
                } catch (Exception e) {
                }
            }
            if(shared){
                if (!queryString.equals(""))
                    queryString += "&";
                queryString += "shared=true";
            }
            resource = util.substitute("s!\\\\!/!g", resource);
            String url = SECURE_SERVLET_MAPPING + "/" + appName + "/" + resource + (queryString != null && !queryString.equals("") ? "?" + queryString : "");
            return url;
        } else {
            return null;
        }
    }

    public FileInfo[] getFileList(FileLocationID fileLocationID) {
        String userID = fileLocationID.getUserID();
        String appName = fileLocationID.getCategory();
        String path = fileLocationID.getFilePath();
        if (userID == null || appName == null || path == null || !inited)
            return null;
        String userDirectoryPath;
        //FOR SECURITY REASONS DO NOT CHANGE THE FOLLOWING REGEXPS (UNLESS YOU KNOW WHAT YOU ARE DOING)
        path = util.substitute("s!\\\\!/!g", path);
        do {
            path = util.substitute("s!^/!!", path);
            path = util.substitute("s!\\.\\.!.!g", path);
            path = util.substitute("s!^\\.[\\/]!!", path);
        } while (util.match("m!^/|\\.\\.|^\\.[\\/]!", path));
        if ((userDirectoryPath = getUserDirectoryPath(userID)) != null) {
            String dirPath = userDirectoryPath + File.separator + appName + File.separator + path;
            File directory = new File(dirPath);
            if (!directory.exists() || !directory.isDirectory())
                return null;
            String[] directoryList = directory.list();
            int start = 1; //(path.length() == 0 ? 0 : 1);
            FileInfo[] resourceList = new FileInfo[directoryList.length + start];
            if (start == 1) {
                resourceList[0] = new FileInfo("..", true, directory.lastModified(), 0);
            }
            for (int i = 0; i < directoryList.length; ++i) {
                String resourceName = directoryList[i];
                File file = new File(dirPath + resourceName);
                resourceList[i + start] = new FileInfo(resourceName, file.isDirectory(), file.lastModified(), file.length());
            }
            return resourceList;
        } else {
            return null;
        }
    }

    public File getFile(FileLocationID fileLocationID) {
        return getFile(fileLocationID, true);
    }

    public boolean deleteFile(FileLocationID fileLocationID) {
        return deleteFile(fileLocationID, false);
    }

    public boolean deleteFile(FileLocationID fileLocationID, boolean recursive) {
        return deleteFile(fileLocationID, recursive, false);
    }

    public boolean deleteFile(FileLocationID fileLocationID, boolean recursive, boolean delTree) {
        String userID = fileLocationID.getUserID();
        String appName = fileLocationID.getCategory();
        String resource = fileLocationID.getFilePath();
        //FOR SECURITY REASONS DO NOT CHANGE THE FOLLOWING REGEXPS (UNLESS YOU KNOW WHAT YOU ARE DOING)
        do {
            resource = util.substitute("s!\\.\\.!.!g", resource);
        } while (util.match("m!\\.\\.!", resource));
        if (deleteFile(userID, appName, resource, delTree)) {
            return true;
        } else
            return deleteDirectory(userID, appName, resource, recursive, delTree);
    }

    public boolean copyFile(FileLocationID srcFileLocationID, String fileDest) {
        String userID = srcFileLocationID.getUserID();
        String appName = srcFileLocationID.getCategory();
        String resourceSource = srcFileLocationID.getFilePath();
        if (!isInPath(resourceSource, fileDest))
            return copyResource(userID, appName, resourceSource, fileDest);
        return false;
    }

    public boolean moveFile(FileLocationID srcFileLocationID, String fileDest) {
        String userID = srcFileLocationID.getUserID();
        String appName = srcFileLocationID.getCategory();
        String resourceSource = srcFileLocationID.getFilePath();
        if (!isInPath(resourceSource, fileDest))
            if (copyResource(userID, appName, resourceSource, fileDest))
                return deleteFile(new FileLocationID(userID, appName, resourceSource), true);
        return false;
    }

    public void addFile(FileLocationID fileLocationID, InputStream inputStream) throws IOException {
        String userID = fileLocationID.getUserID();
        String appName = fileLocationID.getCategory();
        String resource = fileLocationID.getFilePath();
        File file = getFile(fileLocationID);
        if (file == null)
            throw new IOException("Unable to add file for (USERID=" + userID + ",CATEGORY=" + appName + ",FILENAME=" + resource + ") !");
        try {
            file.delete();
            if (!file.createNewFile())
                throw new IOException("Unable to add file for (USERID=" + userID + ",CATEGORY=" + appName + ",FILENAME=" + resource + ") ! Can't create file.");
            FileOutputStream output = new FileOutputStream(file);
            rewrite(inputStream, output);
            output.flush();
            output.close();
        } catch (Exception e) {
            throw new IOException("Unable to add file for (USERID=" + userID + ",CATEGORY=" + appName + ",FILENAME=" + resource + ") !" + e.getMessage());
        }
    }

    public void addFile(FileLocationID fileLocationID, File inputFile) throws IOException {
        FileInputStream input = new FileInputStream(inputFile);
        addFile(fileLocationID, input);
        input.close();
    }

    public boolean categoryExistsForUser(String userID, String category) {
        if (userID == null || category == null || !inited)
            return false;
        //FOR SECURITY REASONS DO NOT CHANGE THE FOLLOWING REGEXP (UNLESS YOU KNOW WHAT YOU ARE DOING)
        category = util.substitute("s![\\/.]!!g", category);
        String userDirectoryPath;
        if ((userDirectoryPath = getUserDirectoryPath(userID)) != null) {
            String filePath = userDirectoryPath + "/" + category;
            File file = new File(filePath);
            if (!file.exists()) {
                return false;
            } else if (!file.isDirectory()) {
                return false;
            } else {
                return true;
            }
        }
        return false;
    }

    public void createCategoryForUser(String userID, String category) throws IOException {
        if (userID == null || category == null || !inited) {
            if (!inited)
                throw new IOException("Unable to create category for user ! SecureDirectory service is not initialized.");
            throw new IOException("Unable to create category for user (USERID=" + userID + ",CATEGORY=" + category + ")");
        }
        //FOR SECURITY REASONS DO NOT CHANGE THE FOLLOWING REGEXP (UNLESS YOU KNOW WHAT YOU ARE DOING)
        category = util.substitute("s![\\/.]!!g", category);
        String userDirectoryPath;
        if ((userDirectoryPath = getUserDirectoryPath(userID)) != null) {
            String filePath = userDirectoryPath + "/" + category;
            File file = new File(filePath);
            if (!file.exists()) {
                if (!file.mkdir()) {
                    log.error("Unable to create directory for application " + filePath);
                    throw new IOException("Unable to create category for user (USERID=" + userID + ",CATEGORY=" + category + ") ! Can't create directory.");
                }
            } else {
                return;
            }
        } else {
            throw new IOException("Unable to create category for user (USERID=" + userID + ",CATEGORY=" + category + ")! Can't get user directory.");
        }